Various Questions about Wireless Access Controller

Answered Question
Feb 26th, 2010

Help me please with these basic questions about the role of the Wireless Access Controller (AC).

Suppose the Access Controller and Access Point are connected via IP:

- Wireless Frames sent from AP to AC; include the original MAC header (of the wireless path)?  In case Yes, is there a Cisco AC able to bridge the WLAN and the LAN it is connected (meaning it outputs Ethernet frames as if they were originated by Mobile Stations).

- Is the AC necessarily the default gateway for the mobile stations? I suppose not. But can it be made the default gateway?

Can the Cisco AC work as a DHCP relay?

I have this problem too.
0 votes
Correct Answer by j-mccarthy about 6 years 10 months ago

The AP creates a tunnel to the controller. All IP traffic from the AP to the controller will have source address of the AP and dest IP to the AP Manager interface on the controller. The wireless client traffic is encapsulated inside this tunnel. When it hits the controller the CAPWAP is removed leaving the original packet from the client to be sent to the LAN by the controller.

The controller should not be the default gateway for the wireless clients because it is not a router. Think of it as an appliance that converts wireless traffic into wired.

Normally the controller acts as a DHCP proxy. Once the client has joined a WLAN, the controller sends DHCP packets to the the DHCP server on behalf of the clients like the ip helper address normally configured on the router for wired clients. Alternatively you can configure the controller to act as the DHCP server for wireless clients.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
j-mccarthy Tue, 03/23/2010 - 04:28

The AP creates a tunnel to the controller. All IP traffic from the AP to the controller will have source address of the AP and dest IP to the AP Manager interface on the controller. The wireless client traffic is encapsulated inside this tunnel. When it hits the controller the CAPWAP is removed leaving the original packet from the client to be sent to the LAN by the controller.

The controller should not be the default gateway for the wireless clients because it is not a router. Think of it as an appliance that converts wireless traffic into wired.

Normally the controller acts as a DHCP proxy. Once the client has joined a WLAN, the controller sends DHCP packets to the the DHCP server on behalf of the clients like the ip helper address normally configured on the router for wired clients. Alternatively you can configure the controller to act as the DHCP server for wireless clients.

MCentrick2010 Tue, 03/23/2010 - 04:43

Thanks!

But could you please clarify:

"... When it hits the controller the CAPWAP is removed leaving the original packet from the client to be sent to the LAN by the controller..."

Is the MAC address of wireless clients presented on the output of the controller?

Or only the original IP packet sent by wirelss clients?

j-mccarthy Tue, 03/23/2010 - 05:40

Without looking at a sniffer trace my guess would be that ethernet frames from wireless clients have the source MAC address of the wireless client not the controller when they are transmitted onto the LAN.

The CAPWAP RFC states that the 803.2 frame must be encapsulated. This would include the original source and destination MAC addresses. http://tools.ietf.org/html/rfc5415#section-4.4.2

Scratch that, the destination MAC of the frame from the client is the the radio interface on the AP. This is changed to either the router MAC (if the destination IP is off the subnet) or the destination MAC (if the destination IP is on the local subnet) by the controller. So the destination MAC is changed, who knows about the source MAC..

Theres a good FAQ here which will help you on the CAPWAP, routing & DHCP operation

http://www.cisco.com/en/US/products/ps6366/products_qanda_item09186a008064a991.shtml

This URL explains the whole process using LWAPP, assume it's the same in CAPWAP

http://www.cisco.com/en/US/docs/wireless/technology/controller/deployment/guide/dep.html#wp1051002

This picture would probably answer your question about the source MAC addresses. If anyone could actually read it !!

http://www.cisco.com/en/US/i/100001-200000/150001-160000/155001-156000/155249.jpg

Actions

This Discussion